S-Memo can store Google account credentials of rooted devices

By Gene Ryan Briones on 11/13/2012

If you happen to own a rooted Samsung Galaxy device, you need to hear this report. Rooting your device always has its own risks. An XDA user named graffixnyc checked his S-Memo SQLite files on his Galaxy S III and discovered that S-Memo stored his Google account and password in plain text. Another XDA user named ViViDboarder added that rooted devices can indeed view internal contents such as SQLite files. graffixnyc pointed out that although this issue usually happens on rooted devices, the content themselves should be encrypted and not viewable in plain text.

“I was poking around the S-memo databases when I opened a table using SQLIte editior. When I opened the table I was shocked to see my Google account username and password in clear plain text. Now, I did have the option to sync to Google drive and the app did prompt for my google username and password so obviously it stores it somewhere. I was just shocked to see it stored in plain text and not encrypted,” writes graffixnyc. You can follow the thread here.